security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e91fc4486e57fc40e30d12253694de4c80a9e4ea
blue-team-tools/rules/compliance/firewall_cleartext_protocols.yml
T
phantinuss b23eee6ebf fix: unknown --> Unknown
2022-03-16 13:43:54 +01:00

85 lines
2.3 KiB
YAML
Raw Blame History

title: Cleartext Protocol Usage
id: d7fb8f0e-bd5f-45c2-b467-19571c490d7e
status: stable
description: Ensure that all account usernames and authentication credentials are transmitted across networks using encrypted channels. Ensure that an encryption
is used for all sensitive information in transit. Ensure that an encrypted channels is used for all administrative account access.
author: Alexandr Yampolskyi, SOC Prime
date: 2019/03/26
modified: 2021/11/23
references:
- https://www.cisecurity.org/controls/cis-controls-list/
- https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-2-1.pdf
- https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf
logsource:
category: firewall
detection:
selection1:
dst_port:
- 8080
- 21
- 80
- 23
- 50000
- 1521
- 27017
- 3306
- 1433
- 11211
- 15672
- 5900
- 5901
- 5902
- 5903
- 5904
selection2:
action:
- forward
- accept
- 2
condition: selection1 and selection2
falsepositives:
- Unknown
level: low
# tags:
# - CSC4
# - CSC4.5
# - CSC14
# - CSC14.4
# - CSC16
# - CSC16.5
# - NIST CSF 1.1 PR.AT-2
# - NIST CSF 1.1 PR.MA-2
# - NIST CSF 1.1 PR.PT-3
# - NIST CSF 1.1 PR.AC-1
# - NIST CSF 1.1 PR.AC-4
# - NIST CSF 1.1 PR.AC-5
# - NIST CSF 1.1 PR.AC-6
# - NIST CSF 1.1 PR.AC-7
# - NIST CSF 1.1 PR.DS-1
# - NIST CSF 1.1 PR.DS-2
# - ISO 27002-2013 A.9.2.1
# - ISO 27002-2013 A.9.2.2
# - ISO 27002-2013 A.9.2.3
# - ISO 27002-2013 A.9.2.4
# - ISO 27002-2013 A.9.2.5
# - ISO 27002-2013 A.9.2.6
# - ISO 27002-2013 A.9.3.1
# - ISO 27002-2013 A.9.4.1
# - ISO 27002-2013 A.9.4.2
# - ISO 27002-2013 A.9.4.3
# - ISO 27002-2013 A.9.4.4
# - ISO 27002-2013 A.8.3.1
# - ISO 27002-2013 A.9.1.1
# - ISO 27002-2013 A.10.1.1
# - PCI DSS 3.2 2.1
# - PCI DSS 3.2 8.1
# - PCI DSS 3.2 8.2
# - PCI DSS 3.2 8.3
# - PCI DSS 3.2 8.7
# - PCI DSS 3.2 8.8
# - PCI DSS 3.2 1.3
# - PCI DSS 3.2 1.4
# - PCI DSS 3.2 4.3
# - PCI DSS 3.2 7.1
# - PCI DSS 3.2 7.2
# - PCI DSS 3.2 7.3
Reference in New Issue View Git Blame Copy Permalink